code-review
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- Structured Review Methodology: The skill establishes a comprehensive 'Reviewer mindset' that prioritizes skepticism and independent evaluation. It guides the agent through gathering extensive code context (Step 0) before reading the PR narrative (Step 2), which is a recommended practice to avoid cognitive bias during security and correctness reviews.
- Technical Guardrails: It incorporates detailed checklists for critical security and stability areas, including memory safety (stackalloc limits, integer overflow guards), thread safety (volatile/interlocked access), and cryptographic hygiene (ZeroMemory usage).
- API Governance: Includes a dedicated 'API Approval Verification' procedure that enforces project-specific governance by requiring linked issues with specific labels and comparing implementations against approved shapes.
- Performance and Resource Management: The skill emphasizes evidence-based optimization, requiring benchmark data for performance claims and providing specific guidance on avoiding unnecessary allocations in hot paths.
- Cross-Platform and Interop Safety: Contains specific rules for ensuring code correctness across diverse architectures (endianness, alignment) and safe native interop (QCall patterns, GC protection).
Audit Metadata